Month: March 2011

Me doing a security type post, here’s a first…Some of you will repost this, others won’t. No scaremongering here. Realistically, not enabling https access may not affect you at all, but if you use an unencrypted wi-fi access for FB, then you definitely should be. (Does anyone still have a non WPA2 encrypted home wi-fi network? I so so hope not!)

I am not going to get technical. Lets just say that gmail implemented it as default a few months back. I remember Charl B pointing out this issue with regards to gmail nearly 16 months ago and the opt in solution . Then they made it default a few months later. Most gmail users probably never even noticed the change. It made no difference to the performance.

On facebook its still opt in however, not default, a year later!

https is the encrypted protocol that banks use for communication when you do your banking. You know, “the lock” at the bottom of your browser?
Firesheep is an add-on that runs in firefox that allows someone on the same unencrypted wi-fi network as you to basically log in as you to sites that don’t use https for the whole session. Before this, “sidejacking” was a bit more difficult.

If you use firefox and facebook, you may notice (or may not actually) that the navigation buttons and added functionality options by way of “buttons” dont show up. These are the Nav buttons next to the facebook logo for Friend requests, messages and notifications. Then the button for settings on posts on your wall and even the forward and back buttons for the photos.